本文整理汇总了Python中saml2.config.SPConfig.load方法的典型用法代码示例。如果您正苦于以下问题:Python SPConfig.load方法的具体用法?Python SPConfig.load怎么用?Python SPConfig.load使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类saml2.config.SPConfig
的用法示例。
在下文中一共展示了SPConfig.load方法的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: get_saml2_config
# 需要导入模块: from saml2.config import SPConfig [as 别名]
# 或者: from saml2.config.SPConfig import load [as 别名]
def get_saml2_config(module_path):
    """Build an SPConfig from the ``SAML_CONFIG`` object of a settings file.

    The file at ``module_path`` is loaded with ``imp.load_source``, which
    executes it as Python code. The path therefore has to point to a
    trusted, deployment-controlled file and must never be derived from
    request data.
    """
    # NOTE(review): the ``imp`` module was removed in Python 3.12;
    # ``importlib`` is the supported replacement on current interpreters.
    settings_module = imp.load_source('saml2_settings', module_path)
    sp_config = SPConfig()
    sp_config.load(settings_module.SAML_CONFIG)
    return sp_config
示例2: config_settings_loader
# 需要导入模块: from saml2.config import SPConfig [as 别名]
# 或者: from saml2.config.SPConfig import load [as 别名]
def config_settings_loader(request=None):
    """Return the pysaml2 SP configuration built from ``settings.SAML_CONFIG``.

    This is also the default config loader. ``request`` is accepted but is
    not used by this loader.
    """
    # load() is handed a deep copy, so it works on its own dict instead of
    # the shared settings.SAML_CONFIG object.
    settings_snapshot = copy.deepcopy(settings.SAML_CONFIG)
    sp_config = SPConfig()
    sp_config.load(settings_snapshot)
    return sp_config
示例3: test_ecp
# 需要导入模块: from saml2.config import SPConfig [as 别名]
# 或者: from saml2.config.SPConfig import load [as 别名]
def test_ecp():
    """Check the ACS endpoint and the ECP endpoint lookup of the ECP_SP config."""
    sp_config = SPConfig()
    sp_config.load(ECP_SP)

    acs_endpoints = sp_config.endpoint("assertion_consumer_service")
    assert acs_endpoints == ["http://lingon.catalogix.se:8087/"]

    # Client address for which the lookup is expected to return an IdP.
    matched_idp = sp_config.ecp_endpoint("130.239.16.3")
    assert matched_idp == "http://example.com/idp"

    # Client address for which no ECP endpoint is expected.
    unmatched_idp = sp_config.ecp_endpoint("130.238.20.20")
    assert unmatched_idp is None
示例4: create_logout_request
# 需要导入模块: from saml2.config import SPConfig [as 别名]
# 或者: from saml2.config.SPConfig import load [as 别名]
def create_logout_request(subject_id, destination, issuer_entity_id,
                          req_entity_id, sign=True):
    """Build a ``samlp.LogoutRequest`` for ``subject_id`` sent to ``destination``.

    The Issuer element is filled from ``req_entity_id``. ``issuer_entity_id``
    and ``sign`` are accepted but not used in this function: the returned
    request object is not signed here, whatever ``sign`` is set to.
    """
    sp_conf = SPConfig()
    sp_conf.load(sp_config)
    # The client is instantiated but not used below; the call is kept so
    # that the configuration is still passed through Saml2Client.
    sp_client = Saml2Client(config=sp_conf)

    # NOTE(review): the request ID is a fixed literal. SAML message IDs are
    # meant to be unique per message, so this is only suitable for fixtures;
    # confirm that no caller sends this request to a real endpoint.
    request_issuer = saml.Issuer(text=req_entity_id,
                                 format=saml.NAMEID_FORMAT_ENTITY)
    subject_name_id = saml.NameID(text=subject_id)
    return samlp.LogoutRequest(
        id='a123456',
        version=VERSION,
        destination=destination,
        issuer=request_issuer,
        name_id=subject_name_id)
示例5: _saml2_config
# 需要导入模块: from saml2.config import SPConfig [as 别名]
# 或者: from saml2.config.SPConfig import load [as 别名]
def _saml2_config(self):
    """Return the SPConfig held in ``self._v_config``, building it on first use.

    The settings come from ``self._saml2_config_template()`` and are filled
    in with this object's IdP metadata file, entity id, SP URL and xmlsec
    binary path before being loaded.
    """
    if self._v_config is not None:
        return self._v_config

    template = self._saml2_config_template()
    template['metadata']['local'] = [self.saml2_idp_configfile]

    entity_id = self.saml2_sp_entityid
    template['entityid'] = entity_id

    sp_url = self.saml2_sp_url
    sp_section = template['service']['sp']
    sp_section['name'] = entity_id
    sp_section['url'] = sp_url

    endpoints = sp_section['endpoints']
    endpoints['assertion_consumer_service'] = [sp_url]
    # NOTE(review): this is a flat two-element list, not a (location, binding)
    # pair inside a list; confirm pysaml2 reads it as one redirect-bound
    # logout endpoint and not as two separate locations.
    endpoints['single_logout_service'] = ['%s/logout' % sp_url,
                                          BINDING_HTTP_REDIRECT]

    template['xmlsec_binary'] = self.saml2_xmlsec

    loaded = SPConfig()
    # copy() is shallow (assuming a plain dict): the nested dicts are still
    # the ones returned by the template.
    loaded.load(template.copy())
    self._v_config = loaded
    return self._v_config
示例6: _saml2_config
# 需要导入模块: from saml2.config import SPConfig [as 别名]
# 或者: from saml2.config.SPConfig import load [as 别名]
def _saml2_config(self):
    """Build the SP configuration once and serve it from ``self._v_config``.

    On the first call the dict from ``self._saml2_config_template()`` is
    completed with the IdP metadata file, the SP entity id and URL, the two
    endpoint lists and the xmlsec binary path, then loaded into an SPConfig.
    """
    cached = self._v_config
    if cached is not None:
        return cached

    settings_dict = self._saml2_config_template()
    settings_dict["metadata"]["local"] = [self.saml2_idp_configfile]
    settings_dict["entityid"] = self.saml2_sp_entityid

    sp_settings = settings_dict["service"]["sp"]
    sp_settings["name"] = self.saml2_sp_entityid
    base_url = self.saml2_sp_url
    sp_settings["url"] = base_url
    sp_settings["endpoints"]["assertion_consumer_service"] = [base_url]
    # NOTE(review): the logout entry is a flat [url, binding] list rather
    # than a list holding one (url, binding) pair; verify that pysaml2 does
    # not treat the binding URN as a second endpoint location.
    logout_entry = ["%s/logout" % base_url, BINDING_HTTP_REDIRECT]
    sp_settings["endpoints"]["single_logout_service"] = logout_entry

    settings_dict["xmlsec_binary"] = self.saml2_xmlsec

    sp_config = SPConfig()
    # Shallow copy only (assuming a plain dict): nested dicts stay shared
    # with the template result.
    sp_config.load(settings_dict.copy())
    self._v_config = sp_config
    return self._v_config
示例7: test_config_loader_with_real_conf
# 需要导入模块: from saml2.config import SPConfig [as 别名]
# 或者: from saml2.config.SPConfig import load [as 别名]
def test_config_loader_with_real_conf(request):
    """Return an SPConfig loaded from ``conf.create_conf`` test settings.

    ``request`` is part of the loader signature but is not used.
    """
    generated_settings = conf.create_conf(
        sp_host='sp.example.com',
        idp_hosts=['idp.example.com'],
    )
    sp_config = SPConfig()
    sp_config.load(generated_settings)
    return sp_config
示例8: test_config_loader
# 需要导入模块: from saml2.config import SPConfig [as 别名]
# 或者: from saml2.config.SPConfig import load [as 别名]
def test_config_loader(request):
    """Return an SPConfig that carries nothing but a test entity id.

    ``request`` is part of the loader signature but is not used.
    """
    minimal_settings = {'entityid': 'testentity'}
    sp_config = SPConfig()
    sp_config.load(minimal_settings)
    return sp_config
示例9: test_config_loader_with_real_conf
# 需要导入模块: from saml2.config import SPConfig [as 别名]
# 或者: from saml2.config.SPConfig import load [as 别名]
def test_config_loader_with_real_conf(request):
    """Return an SPConfig loaded from test settings with a metadata file.

    The settings are produced by ``conf.create_conf`` for one SP host, one
    IdP host and the ``remote_metadata_one_idp.xml`` metadata file.
    ``request`` is part of the loader signature but is not used.
    """
    generated_settings = conf.create_conf(
        sp_host='sp.example.com',
        idp_hosts=['idp.example.com'],
        metadata_file='remote_metadata_one_idp.xml',
    )
    sp_config = SPConfig()
    sp_config.load(generated_settings)
    return sp_config
示例10: Saml
# 需要导入模块: from saml2.config import SPConfig [as 别名]
# 或者: from saml2.config.SPConfig import load [as 别名]
class Saml(object):
"""
SAML Wrapper around pysaml2.
Implements SAML2 Service Provider functionality for Flask.
"""
def __init__(self, config, attribute_map=None):
    """Initialize SAML Service Provider.

    Args:
        config (dict): Service Provider config info in dict form. It must
            contain a 'metadata' key; the lookup below raises KeyError
            otherwise.
        attribute_map (dict): Mapping of attribute keys to user data
    """
    self._config = SPConfig()
    self._config.load(config)

    inline_idps = config['metadata'].get('config')
    if inline_idps:
        # Hacked in a way to get the IdP metadata from a python dict
        # rather than having to resort to loading XML from file or http.
        # Only the first entry of the list is used.
        # NOTE(review): the IdP metadata imported here is generated from the
        # application's own config dict, so that dict is what decides which
        # IdP is trusted; keep it out of reach of untrusted input.
        idp_settings = inline_idps[0]
        idp_config = IdPConfig()
        idp_config.load(idp_settings)
        idp_entityid = idp_settings['entityid']
        idp_metadata_str = str(entity_descriptor(idp_config, 24))
        LOGGER.debug('IdP XML Metadata for %s: %s' % (
            idp_entityid, idp_metadata_str))
        self._config.metadata.import_metadata(
            idp_metadata_str, idp_entityid)

    self.attribute_map = {} if attribute_map is None else attribute_map
def authenticate(self, next_url='/', binding=BINDING_HTTP_REDIRECT):
"""Start SAML Authentication login process.
Args:
next_url (string): HTTP URL to return user to when authentication
is complete.
binding (binding): Saml2 binding method to use for request,
default BINDING_HTTP_REDIRECT (don't change til HTTP_POST
support is complete in pysaml2.
Returns:
Flask Response object to return to user containing either
HTTP_REDIRECT or HTTP_POST SAML message.
Raises:
AuthException: when unable to locate valid IdP.
BadRequest: when invalid result returned from SAML client.
"""
# find configured for IdP for requested binding method
idp_entityid = ''
idps = self._config.idps().keys()
for idp in idps:
if self._config.single_sign_on_services(idp, binding) != []:
idp_entityid = idp
break
if idp_entityid == '':
raise AuthException('Unable to locate valid IdP for this request')
# fail if signing requested but no private key configured
if self._config.authn_requests_signed == 'true':
if not self._config.key_file \
or not os.path.exists(self._config.key_file):
raise AuthException(
'Signature requested for this Saml authentication request,'
' but no private key file configured')
LOGGER.debug('Connecting to Identity Provider %s' % idp_entityid)
# retrieve cache
outstanding_queries_cache = \
AuthDictCache(session, '_saml_outstanding_queries')
LOGGER.debug('Outstanding queries cache %s' % (
outstanding_queries_cache))
# make pysaml2 call to authenticate
client = Saml2Client(self._config, logger=LOGGER)
(session_id, result) = client.authenticate(
entityid=idp_entityid,
relay_state=next_url,
binding=binding)
# The psaml2 source for this method indicates that BINDING_HTTP_POST
# should not be used right now to authenticate. Regardless, we'll
# check for it and act accordingly.
if binding == BINDING_HTTP_REDIRECT:
LOGGER.debug('Redirect to Identity Provider %s ( %s )' % (
idp_entityid, result))
response = make_response('', 302, dict([result]))
elif binding == BINDING_HTTP_POST:
LOGGER.warn('POST binding used to authenticate is not currently'
' supported by pysaml2 release version. Fix in place in repo.')
LOGGER.debug('Post to Identity Provider %s ( %s )' % (
idp_entityid, result))
response = make_response('\n'.join(result), 200)
else:
raise BadRequest('Invalid result returned from SAML client')
LOGGER.debug(
#.........这里部分代码省略.........
示例11: asgard_sp_config
# 需要导入模块: from saml2.config import SPConfig [as 别名]
# 或者: from saml2.config.SPConfig import load [as 别名]
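def asgard_sp_config(request=None):
    """Return the SPConfig for the KeyBucket service provider.

    Args:
        request: optional request object exposing ``get_host()``. When it is
            given, the host name (with ':' replaced by '-') selects the key
            and certificate files; otherwise "localhost" is used.

    Returns:
        An SPConfig loaded from a deep copy of the settings dict built here.
    """
    host = "localhost"
    # Identity comparison: "!= None" would go through the object's __ne__.
    if request is not None:
        # NOTE(review): host comes from the request and ends up in the
        # key/cert file paths below. This relies on the framework's host
        # validation (e.g. an allowed-hosts setting) to keep it to expected
        # names; confirm that it is enforced for this view.
        host = request.get_host().replace(":", "-")

    sp_settings = {
        # your entity id, usually your subdomain plus the url to the metadata view
        'entityid': 'https://keybucket.app.nordu.net/saml2/sp/metadata',
        # directory with attribute mapping
        "attribute_map_dir": "%s/saml2/attributemaps" % settings.BASE_DIR,
        # this block states what services we provide
        'service': {
            # we are just a lonely SP
            'sp': {
                'name': 'KeyBucket',
                'endpoints': {
                    # url and binding to the assertion consumer service view
                    # do not change the binding or service name
                    'assertion_consumer_service': [
                        ('https://keybucket.app.nordu.net/saml2/sp/acs/',
                         BINDING_HTTP_POST),
                    ],
                    # url and binding to the single logout service view
                    # do not change the binding or service name
                    'single_logout_service': [
                        ('https://keybucket.app.nordu.net/saml2/sp/ls/',
                         BINDING_HTTP_REDIRECT),
                    ],
                },
                # attributes that this project need to identify a user
                'required_attributes': ['eduPersonPrincipalName', 'displayName'],
            }
        },
        # where the remote metadata is stored
        #'metadata': { 'remote': [{'url':'http://md.swamid.se/md/swamid-idp.xml',
        #                          'cert':'%s/saml2/credentials/md-signer.crt' % settings.BASE_DIR}] },
        'metadata': {'local': [settings.SAML_METADATA_FILE]},
        # set to 1 to output debugging information
        # NOTE(review): debugging is switched on unconditionally here;
        # consider tying it to a deployment setting.
        'debug': 1,
        # certificate: the SP's private key and certificate, chosen per host
        "key_file": "%s/%s.key" % (settings.SSL_KEY_DIR, host),
        "cert_file": "%s/%s.crt" % (settings.SSL_CRT_DIR, host),
        # own metadata settings
        # (the e-mail values below are placeholders as rendered on this page)
        'contact_person': [
            {'given_name': 'Leif',
             'sur_name': 'Johansson',
             'company': 'NORDUnet',
             'email_address': '[email protected]',
             'contact_type': 'technical'},
            {'given_name': 'Johan',
             'sur_name': 'Berggren',
             'company': 'NORDUnet',
             'email_address': '[email protected]',
             'contact_type': 'technical'},
        ],
        # you can set multilanguage information here
        'organization': {
            'name': [('NORDUNet', 'en')],
            'display_name': [('NORDUnet A/S', 'en')],
            'url': [('http://www.nordu.net', 'en')],
        }
    }

    sp_config = SPConfig()
    # load() receives a deep copy and so works on its own dict.
    sp_config.load(copy.deepcopy(sp_settings))
    return sp_config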
示例12: saml_acs
# 需要导入模块: from saml2.config import SPConfig [as 别名]
# 或者: from saml2.config.SPConfig import load [as 别名]
def saml_acs(request, idp_name, ms):
    '''SAML assertion consumer service (ACS) handler.

    Reads the ``SAMLResponse`` form field from the POST data, builds a
    pysaml2 SP configuration for the IdP named ``idp_name`` and creates a
    Saml2Client bound to the request session. Only the first part of the
    function is shown on this page; ``ms`` is not used in the visible part.
    '''
    # The SAMLResponse is posted by the browser and is untrusted until
    # pysaml2 has verified it; .get() returns None when the field is missing.
    xmlstr = request.POST.get("SAMLResponse")
    # Create setting before call pysaml2 method for current IDP
    # Refer to: https://pythonhosted.org/pysaml2/howto/config.html
    setting = {
        # NOTE(review): with this enabled, attributes that have no entry in
        # the attribute maps are presumably passed through rather than
        # dropped; confirm that downstream code only trusts expected ones.
        "allow_unknown_attributes": True,
        # full path to the xmlsec1 binary program
        'xmlsec_binary': xmlsec_path,
        # your entity id, usually your subdomain plus the url to the metadata view
        'entityid': 'PCG:PepperPD:Entity:ID',
        # directory with attribute mapping
        'attribute_map_dir': path.join(SSO_DIR, 'attribute-maps'),
        # this block states what services we provide
        'service': {
            # we are just a lonely SP
            'sp': {
                # NOTE(review): accepting unsolicited responses means a
                # response does not have to match a request this SP issued,
                # which removes the InResponseTo check as a safeguard;
                # enable only if IdP-initiated login is really required.
                "allow_unsolicited": True,
                'name': 'Federated Django sample SP',
                'name_id_format': saml.NAMEID_FORMAT_PERSISTENT,
                'endpoints': {
                    # url and binding to the assertion consumer service view
                    # do not change the binding or service name
                    # NOTE(review): endpoints are hard-coded to an IP
                    # address; these normally come from deployment settings.
                    'assertion_consumer_service': [
                        ('https://59.45.37.54/genericsso/', saml2.BINDING_HTTP_POST),
                    ],
                    # url and binding to the single logout service view
                    # do not change the binding or service name
                    'single_logout_service': [
                        ('https://59.45.37.54/saml2/ls/', saml2.BINDING_HTTP_REDIRECT),
                        ('https://59.45.37.54/saml2/ls/post', saml2.BINDING_HTTP_POST),
                    ]
                },
                # attributes that this project need to identify a user
                'required_attributes': ['uid'],
                # attributes that may be useful to have but not required
                'optional_attributes': ['eduPersonAffiliation'],
                # in this section the list of IdPs we talk to are defined
                'idp': {
                    # we do not need a WAYF service since there is
                    # only an IdP defined here. This IdP should be
                    # present in our metadata
                    # the keys of this dictionary are entity ids
                    # 'https://idp.example.com/simplesaml/saml2/idp/metadata.php': {
                    #     'single_sign_on_service': {
                    #         saml2.BINDING_HTTP_REDIRECT: 'https://idp.example.com/simplesaml/saml2/idp/SSOService.php',
                    #     },
                    #     'single_logout_service': {
                    #         saml2.BINDING_HTTP_REDIRECT: 'https://idp.example.com/simplesaml/saml2/idp/SingleLogoutService.php',
                    #     },
                    # },
                },
            },
        },
        # where the IdP metadata is stored (a local file, one per IdP name)
        # NOTE(review): idp_name is a handler argument that becomes a path
        # component; presumably it comes from the URL, so verify it is
        # restricted to known IdP names before it reaches path.join.
        'metadata': {
            'local': [
                path.join(BASEDIR, idp_name, 'FederationMetadata.xml')
            ],
        },
        # set to 1 to output debugging information
        # NOTE(review): debugging is switched on unconditionally here.
        'debug': 1,
        # === CERTIFICATE ===
        # cert_file must be a PEM formatted certificate chain file.
        # NOTE(review): no key_file / cert_file is active below, so this
        # configuration gives the SP no key pair of its own.
        # example:
        # 'key_file': path.join(BASEDIR, 'sso/' + idp_name + 'mycert.key'), # private part
        # 'cert_file': path.join(BASEDIR, 'sso/' + idp_name + 'mycert.pem'), # public part
        # 'key_file': path.join(BASEDIR, 'sso/' + idp_name + 'mycert.key'), # private part
        # 'cert_file': path.join(BASEDIR, 'sso/' + idp_name + 'customappsso.base64.cer'), # public part
        # === OWN METADATA SETTINGS ===
        # 'contact_person': [
        #     {'given_name': 'Lorenzo',
        #      'sur_name': 'Gil',
        #      'company': 'Yaco Sistemas',
        #      'email_address': '[email protected]',
        #      'contact_type': 'technical'},
        #     {'given_name': 'Angel',
        #      'sur_name': 'Fernandez',
        #      'company': 'Yaco Sistemas',
        #      'email_address': '[email protected]',
        #      'contact_type': 'administrative'},
        # ],
        # === YOU CAN SET MULTILANGUAGE INFORMATION HERE ===
        # 'organization': {
        #     'name': [('Yaco Sistemas', 'es'), ('Yaco Systems', 'en')],
        #     'display_name': [('Yaco', 'es'), ('Yaco', 'en')],
        #     'url': [('http://www.yaco.es', 'es'), ('http://www.yaco.com', 'en')],
        # },
        'valid_for': 24,  # how long is our metadata valid
    }
    #** load IDP config and parse the saml response
    conf = SPConfig()
    # load() receives a deep copy and so works on its own dict.
    conf.load(copy.deepcopy(setting))
    # Identity information and outstanding queries are both kept in the
    # request session.
    client = Saml2Client(conf, identity_cache=IdentityCache(request.session))
    oq_cache = OutstandingQueriesCache(request.session)
    outstanding_queries = oq_cache.outstanding_queries()
#.........这里部分代码省略.........